U.S. Department of Labor site was hacked on May Day, which is Labour Day in much of the world, but not in the United States, where Labour Day is celebrated in September. The attack used a malicious JavaScript file to get your browser to download a file called bookmark.png. The malicious JavaScript then uses the function called helo() in the script above in an effort to trigger the. remote code execution vulnerability in Internet Explorer 8. Microsofts EMET (threat mitigation tool) can be used to protect IE 8. Sophos products detect the malicious components as listed below.”]